From: Namhyung Kim <namhyung@gmail.com>
To: Lukas Czerner <lczerner@redhat.com>
Cc: Theodore Tso <tytso@mit.edu>, linux-ext4@vger.kernel.org
Subject: Re: [PATCH 13/15] mke2fs: fix potential memory leak in mke2fs_setup_tdb()
Date: Wed, 01 Dec 2010 21:32:52 +0900 [thread overview]
Message-ID: <1291206772.1684.26.camel@leonhard> (raw)
In-Reply-To: <alpine.LFD.2.00.1011301350290.3004@dhcp-lab-213.englab.brq.redhat.com>
2010-11-30 (화), 14:02 +0100, Lukas Czerner:
> On Mon, 29 Nov 2010, Namhyung Kim wrote:
>
> > 'tmp_name' allocated by strdup() should also be freed if error.
> > Also check return value of set_undo_io_backup_file() for possible
> > memory failure. A whitespace fix is added too.
> >
> > Signed-off-by: Namhyung Kim <namhyung@gmail.com>
> > ---
> > misc/mke2fs.c | 11 +++++++----
> > 1 files changed, 7 insertions(+), 4 deletions(-)
> >
> > diff --git a/misc/mke2fs.c b/misc/mke2fs.c
> > index 6e2092d..644b287 100644
> > --- a/misc/mke2fs.c
> > +++ b/misc/mke2fs.c
> > @@ -1882,15 +1882,17 @@ static int mke2fs_setup_tdb(const char *name, io_manager *io_ptr)
> >
> > tmp_name = strdup(name);
> > if (!tmp_name) {
> > - alloc_fn_fail:
> > - com_err(program_name, ENOMEM,
> > +alloc_fn_fail:
> > + com_err(program_name, ENOMEM,
> > _("Couldn't allocate memory for tdb filename\n"));
> > return ENOMEM;
> > }
>
> What about putting the alloc_fn_fail at the end of the function ? after return
> retval?
>
No problem.
> > device_name = basename(tmp_name);
> > tdb_file = malloc(strlen(tdb_dir) + 8 + strlen(device_name) + 7 + 1);
> > - if (!tdb_file)
> > + if (!tdb_file) {
> > + free(tmp_name);
>
> What about adding
>
> if (tmp_name)
> free(tmp_name);
>
> in alloc_fs_fail context ?
I guess just free(tmp_name) is enough.
> > goto alloc_fn_fail;
> > + }
> > sprintf(tdb_file, "%s/mke2fs-%s.e2undo", tdb_dir, device_name);
> >
> > if (!access(tdb_file, F_OK)) {
> > @@ -1899,6 +1901,7 @@ static int mke2fs_setup_tdb(const char *name, io_manager *io_ptr)
> > com_err(program_name, retval,
> > _("while trying to delete %s"),
> > tdb_file);
> > + free(tmp_name);
> > free(tdb_file);
> > return retval;
> > }
> > @@ -1906,7 +1909,7 @@ static int mke2fs_setup_tdb(const char *name, io_manager *io_ptr)
> >
> > set_undo_io_backing_manager(*io_ptr);
> > *io_ptr = undo_io_manager;
> > - set_undo_io_backup_file(tdb_file);
> > + retval = set_undo_io_backup_file(tdb_file);
>
> You should probably return ENOMEM when this fails, moreover when
> set_undo_io_backup() you'll try to free not allocated space.
>
Its only user doesn't check the actual return value and simply does
exit(1). And confusingly, tdb_file here is a local variable and
allocated successully so there will be no problem. Also AFAIK C permits
to pass NULL to free(), means no operation.
--
Regards,
Namhyung Kim
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2010-12-01 12:33 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-29 8:55 [PATCH 00/15] e2fsprogs cleanups Namhyung Kim
2010-11-29 8:55 ` [PATCH 01/15 RESEND] libext2fs: fix potential build failure with OMIT_COM_ERR Namhyung Kim
2010-12-20 15:04 ` [01/15, " Ted Ts'o
2010-11-29 8:55 ` [PATCH 02/15 RESEND] libext2fs: fix dubious code in ext2fs_numeric_progress_init() Namhyung Kim
2010-12-20 15:04 ` [02/15, " Ted Ts'o
2010-11-29 8:55 ` [PATCH 03/15] mke2fs: simplify inode table block counting Namhyung Kim
2010-11-30 12:01 ` Lukas Czerner
2010-12-01 11:49 ` Namhyung Kim
2010-12-20 15:44 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 04/15] libext2fs: remove unnecessary casts to ext2fs_generic_bitmap Namhyung Kim
2010-12-20 15:50 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 05/15] libext2fs: fix dubious code in ext2fs_unmark_generic_bitmap() Namhyung Kim
2010-12-20 15:54 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 06/15] libext2fs: invalid EXT4_FEATURE_RO_COMPAT_HUGE_FILE checks Namhyung Kim
2010-12-20 15:55 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 07/15] libext2fs: fix error path in ext2fs_update_bb_inode() Namhyung Kim
2010-12-20 16:01 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 08/15] libext2fs: fix memory leak on error path Namhyung Kim
2010-11-30 12:23 ` Lukas Czerner
2010-12-21 23:06 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 09/15] mke2fs: check return value of e2p_os2string() Namhyung Kim
2010-12-21 23:13 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 10/15] mke2fs.8.in: add missing "big" and "huge" usage-type description Namhyung Kim
2010-12-21 23:45 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 11/15] mke2fs: fix determination of size_type Namhyung Kim
2010-11-30 12:33 ` Lukas Czerner
2010-12-01 12:37 ` Namhyung Kim
2010-12-01 15:46 ` Lukas Czerner
2010-12-21 23:45 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 12/15] mke2fs: add some error checks into PRS() Namhyung Kim
2010-11-30 12:46 ` Lukas Czerner
2010-12-01 12:03 ` Namhyung Kim
2010-12-16 9:40 ` [PATCH v2 " Namhyung Kim
2010-12-16 12:19 ` Lukas Czerner
2010-12-22 1:34 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 13/15] mke2fs: fix potential memory leak in mke2fs_setup_tdb() Namhyung Kim
2010-11-30 13:02 ` Lukas Czerner
2010-12-01 12:32 ` Namhyung Kim [this message]
2010-12-16 9:42 ` [PATCH v2 " Namhyung Kim
2010-12-16 12:21 ` Lukas Czerner
2010-11-29 8:55 ` [PATCH 14/15] libext2fs: fix possible memory leak in write_journal_inode() Namhyung Kim
2010-12-22 15:43 ` Ted Ts'o
2010-11-29 8:55 ` [PATCH 15/15] mke2fs.8.in: add ENVIRONMENT section Namhyung Kim
2010-12-22 15:43 ` Ted Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1291206772.1684.26.camel@leonhard \
--to=namhyung@gmail.com \
--cc=lczerner@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.